const express = require('express');
const router = express.Router();
const userController = require('../controller/userController')
const authController = require('../controller/authController')
// 用户注册
router.route('/signup').post(authController.signup);
router.route('/login').post(authController.login);
router.route('/forgotPassword').post(authController.forgotPassword);
router.route('/resetPassword/:token').patch(authController.resetPassword);

// 中间件在这里生效
router.use(authController.protect)
// 更新用户资料
router.route('/updateMyPassword').patch(authController.updatePassword);
router.route('/me').get(userController.getMe,userController.getUser);
router.route('/updateMe').patch(userController.updateMe);
router.route('/deleteMe').delete(userController.deleteMe);
// 设置操作权限
router.use(authController.restrictTo('admin'))
router.route('/').get(userController.getAllUser).post(userController.createUser);
router.route('/:id').get(userController.getUser).patch(userController.updateUser).delete(userController.deleteUser);


module.exports = router

